IBM took a step into the burgeoning secure access service edge (SASE) space in May when it partnered with cybersecurity vendor Zscaler to help enterprises secure their networks as they expand their reach to the edge. Now the IT giant is growing that partnership with new managed services aimed at helping businesses navigate a business world still impacted by the COVID-19 pandemic.
IBM Security this month is releasing new zero-trust blueprints that address a range of business issues, from hybrid workforces and third-party network access to network transformation, 5G and the Internet of Things (IoT).
Organizations are looking for new ways to enable employees to access the corporate data and applications they need to do their work but to ensure their networks are secure, which is changing with the rapidly evolving worker environment and the rise of the cloud and the network edge.
“Traditional approaches to network security are not as viable in a digital world where users and applications are distributed,” Mary O’Brien, general manager of IBM Security, said in a statement. “We’re seeing this transformation happen right before our eyes as many organizations plan to operate in a hybrid model for the foreseeable future. This new approach requires a shift in culture, processes and collaboration across teams alongside a new technology architecture.”
High Interest in SASE
The interest in SASE, which is essentially the delivery of both WAN and security as a cloud service, has been on the rise for the past couple of years, but that has accelerated since the onset of the pandemic last year, which almost overnight sent most employees home to work. SASE also is a key aspect of a zero-trust architecture, which is designed to validate any device looking to connect to the corporate network before access is granted.
According to a recent study from Forrester Consulting and commissioned by IBM, 78 percent of organizations surveyed are either interested in or plan to implement SASE in the next 12 months. At the same time, Grand View Research analysts predict that the worldwide zero-trust security market, which was $19.8 billion last year, will grow an average of 15.2 percent a year through 2028, driven by the proliferation of endpoint devices and the adoption of cloud technologies.
The embrace of a cloud-base model of SASE makes sense, according to Rob Enderle, principal analyst with The Enderle Group.
“Security remains a top priority and where it is currently weakest is at the edge, thus the significant focus on fixing that,” Enderle told Enterprise Networking Planet. “Everyone is sweating that subsequent extensive career-ending breach. The entire industry is switching to SaaS [software-as-a-service] to better match costs to needs and to avoid CapEx approvals and allocation of depreciation issues. Particularly when sweating potential downsizing events like the pandemic, firms want flexibility in terms of costs. You get that with OpEx, not CapEx.”
Hybrid Cloud Focus
IBM’s entrance into the SASE services space dovetails with its focus on the hybrid cloud and cloud services, as well as its focus on enabling organizations to adopt a hybrid work scenario. The company is leveraging Zscaler’s zero-trust network access and secure web gateway technologies, integrating Zscaler Private Access, which delivers network access in a zero-trust architecture. Zscaler’s Internet Access offering is the secure web gateway.
IBM Security throws in a range of its own products and services, including identity and access management (IAM), security information and access management (SIEM), threat management, detection and response, and cloud and mobile security. Enterprises can adopt these offerings via a fully managed service or by leveraging IBM to help them pull together an SASE architecture.
The vendor also offers a five-step maturity model to help organizations map out their SASE strategy.
IBM’s SASE Blueprints
Through the hybrid workforce blueprint, IBM can help businesses replace traditional VPN connectivity with zero-trust methods that can adapt to employees who work part time in the office and the rest of the time remotely. The company also is offering integrated SASE security to support 5G, edge, and IoT deployments and help in developing a solution to define internal workforce policies to contractors and third-party users.
There also is a blueprint for helping organizations to move from a traditional networking model to a cloud-based framework as part of their larger SASE implementation, which in turn can lower latency and costs. In addition, IBM is putting a focus on mergers and acquisitions by designing integrated access management that can leverage the technologies used by all companies involved with the transaction.
All In on Hybrid Cloud
IBM has gone all-in on the hybrid cloud and artificial intelligence (AI) as key growth areas for the company, based largely on its $34 billion acquisition of Red Hat in 2019, with Red Hat’s OpenShift Kubernetes-based container platform being foundational to the strategy.
In a letter to investors earlier this year, IBM Chairman and CEO Arvind Krishna reiterated the company’s push into the hybrid cloud and AI, with OpenShift as the core product. Krishna noted that the hybrid cloud is a $1 trillion opportunity and that fewer than 25 percent of workloads have moved into public clouds so far. At the same time, the deployment rate of AI by enterprises is in the single digits.
“What we have witnessed over the past year is an acceleration of digital transformation,” he wrote. “Every company in every industry wants to build a much stronger digital foundation to fundamentally change the way its business works. There is no going back. In the next two to three years, we expect to see digital transformation at a rate that, before 2020, we thought would take 5 to 10 years.”
Digital transformation also will put an emphasis on new security architectures, which helps explain IBM’s growing focus on SASE, according to Enderle.“SaaS deployments tend to be cloud-related as that is how you contain the related expense risks as a supplier,” the analyst said. “However, I expect this is tied more to IBM’s huge current focus on improving their security offerings than it is focused on driving IBM cloud use.”